This project is a starter implementation for your proposal: AI-driven password strength evaluation using machine learning and attack simulation.
- Password feature extraction module.
- Lightweight ML-style centroid classifier (dependency-light).
- Brute-force, dictionary, and hybrid simulation module.
- Flask web interface for password evaluation.
- Training script with sample dataset.
cd c:\Users\Administrator\Documents\AYLF\siis_password_ai
python -m venv .venv
.venv\Scripts\Activate.ps1
pip install -r requirements.txtpython scripts\train_model.pypython app.pyOpen http://127.0.0.1:5000.
User enters password
|
v
Feature Extraction
(length, digits, symbols, entropy, patterns)
|
v
ML Strength Prediction
(weak / medium / strong)
|
v
Attack Simulation
(brute force, dictionary, hybrid)
|
v
Risk Report
(risk level, crack-time estimate, improvement hints)
- Problem: rule-based checkers can misclassify weak passwords.
- Solution: AI + attack simulation framework.
- Architecture: input -> feature extractor -> ML model -> simulator -> report.
- Live Demo:
- Test
password123(expected high risk). - Test
C0mp!exKey2026(expected lower risk).
- Test
- Results: show predicted class, risk level, and crack-time bucket.
- Impact: stronger user password habits and better policy enforcement.
- Future Work: larger datasets, stronger ML models, real-time integration.
- Replace sample dataset with a larger labeled dataset.
- Replace centroid classifier with Random Forest/XGBoost in full implementation.
- Add confusion matrix and ROC curves to your report.
- Add API endpoints for integration into registration systems.